Our Compliance and Audit Services assist organizations in achieving regulatory compliance, specifically with R155 CSMS, R156 SUMS, and other relevant standards. We provide support in meeting the requirements outlined in the standards and conduct audits to assess cybersecurity practices. Our experts verify supply chain security to ensure that all stakeholders maintain the necessary cybersecurity measures. Additionally, we conduct end-of-life security assessments to address potential risks during the decommissioning or disposal of vehicles. Our services help organizations maintain adherence to industry standards, enhance cybersecurity posture, and provide stakeholders with the necessary assurance.
Regulatory Compliance Assessment
Assessment of Regulatory Requirements: Conducting a comprehensive evaluation of the organization′s compliance with relevant regulations and standards specific to the automotive industry. This activity ensures adherence to regulations such as UN Regulation No. 155 and No. 156, which define requirements for cybersecurity management systems (CSMS) and software update management systems (SUMS).
Supply Chain Security Assessment
Supplier Evaluation and Auditing: Assessing the cybersecurity practices of suppliers and third-party partners involved in the automotive supply chain. This activity includes evaluating their security controls, policies, and procedures to ensure that the supply chain remains resilient against cyber threats
Cybersecurity Audits
Comprehensive Security Audits: Performing audits to evaluate the effectiveness of an organization′s cybersecurity controls, policies, and procedures. This activity involves assessing the overall cybersecurity posture, identifying areas of improvement, and providing recommendations for enhancing security measures.
Standards and Framework Compliance
Compliance with Industry Standards: Ensuring alignment with industry-recognized cybersecurity standards and frameworks, such as ISO/SAE 21434 and NIST Cybersecurity Framework. This activity involves evaluating the organization′s compliance with these standards and providing guidance on achieving and maintaining compliance.